Hi there, I''m having a bit of an issue with my before_filter. I know that the filters put in the application.rb controller are global for all the controllers. In my application filter I''d like to allow access to the RSS feed method in a ''member'' controller and skip the login checks that the before_filters are currently performing. In my application my filters look like this: class ApplicationController < ActionController::Base before_filter :check_authentication, :except => [:check_authentication] before_filter :register_member_activity, :except => [:check_authentication] def check_authentication unless session[:member_id] session[:intended_uri] = @request.request_uri redirect_to :controller => ''login'', :action => "signin_form" end end etc.............. Obviously, now all my controllers and methods have to pass through this authentication method. For accessing RSS this doesn''t work too well. Does anyone have any ideas how to allow global access, and no filtering to one method in a different controller. I just want to expose the "RSS" method in the "Member" controller. Putting a before_filter in the Member controller and doing an :except => :rss doesn''t do the trick Thank you, Dave Hoefler -------------- next part -------------- An HTML attachment was scrubbed... URL: http://wrath.rubyonrails.org/pipermail/rails/attachments/20060516/f5434b93/attachment-0001.html
I have found that it is best to just put the before_filters for authentication in each of your controllers rather than your application controller. Nearly all of my controllers have at least one publicly visible method so I would end up having to customize each of them. However, one alternative would be to override your check_authentication method in your other controller. Then you could add some test to verify the action. Although this is probably not the ideal solution. Tom On 5/16/06, Dave Hoefler <dhoefler@gmail.com> wrote:> Hi there, > > I''m having a bit of an issue with my before_filter. I know that the filters > put in the application.rb controller are global for all the controllers. In > my application filter I''d like to allow access to the RSS feed method in a > ''member'' controller and skip the login checks that the before_filters are > currently performing. > > In my application my filters look like this: > > class ApplicationController < ActionController::Base > > before_filter :check_authentication, :except => [:check_authentication] > before_filter :register_member_activity, :except => > [:check_authentication] > > def check_authentication > unless session[:member_id] > session[:intended_uri] = @request.request_uri > redirect_to :controller => ''login'', :action => "signin_form" > end > end > > etc.............. > > > Obviously, now all my controllers and methods have to pass through this > authentication method. For accessing RSS this doesn''t work too well. > > Does anyone have any ideas how to allow global access, and no filtering to > one method in a different controller. I just want to expose the "RSS" method > in the "Member" controller. Putting a before_filter in the Member controller > and doing an :except => :rss doesn''t do the trick > > > Thank you, > Dave Hoefler > > _______________________________________________ > Rails mailing list > Rails@lists.rubyonrails.org > http://lists.rubyonrails.org/mailman/listinfo/rails > > >-- Tom Davies http://blog.atomgiant.com http://gifthat.com
Alain Ravet
2006-May-17 16:08 UTC
[Rails] Re: before_filter and the application controller
Dave> Does anyone have any ideas how to allow global access, and no filtering > to one method in a different controller.You can add guards in the filter, based on the controller and/or action names. Example: #in application.rb before_filter :login_required, :except => [:welcome,:login] def login_required return if self.controller_name == ''test'' <<----- GUARD unless current_user redirect_to login_invite_url end end Alain